Chapter 46: Outnumbered (2)
At 2:00 pm, the heads of the office lobby of the Public Relations Department of Vader Real Estate rushed to the scene, and the colleagues around me were busy, but I had nothing to do and sat at my desk, propping up my head and reluctantly reading the files.
But just as I felt drowsy, the satellite phone began to ring wildly.
I took out my cell phone and looked at the number. I knew it was Chen Yu who was calling. As the saying goes, "One doesn't visit the Three Treasures Hall without a reason." I had to answer this call.
"Hey, Brother Fourth, is there anything wrong?" I rubbed my sleepy eyes, closed the boring customer information, and said politely.
"Lao Wu, something big happened to the website. Do you have a computer around you? Go online and take a look!" On the other end of the phone, the number of IPs recorded in the network log continued to grow, and the scale of the attack was gradually expanding. The bad situation had left Chen Yu's voice a little distorted.
I forced myself to cheer up and said seriously: "What happened?"
Chen Yu closely followed the changes in the situation and said concisely: "Lao Wu, the website server suffered an unprecedented sustained DDoS attack at 11:00 noon that lasted about an hour, and just now unknown hackers started a second wave of attacks. In just ten minutes, its scale had exceeded that at noon. Conservative estimates are that at least 500,000 computers around the world are attacking our server at the same time! Because the traffic is so heavy, the server has crashed twice!"
"Okay, I'll go and check it out right away and contact you later!"
I have never thought much of hackers who attack with DDoS. The trick is just to use thousands of "broilers" (compromised machines) to send network traffic. I did it a long time ago and am too lazy to do it now. However, the fact that DDoS attacks are easy to launch and difficult to defend against made me feel it was something of a challenge, not to mention that it was the Red Guest Alliance under attack. As the founder, I could not stay out of it.
Forced by the situation, I put down the phone and, making do with what I had, turned on the basic computer in front of me and uneasily started to operate it.
Since the Red Guest Alliance server could no longer respond, I naturally could not log in. I could only use the chat tool to ask Zhang Han for the network traffic log. Only after I saw this did I know the seriousness of the problem.
The source addresses of most of the IP packets were real addresses on the Internet. I asked Zhang Han to try several of them, and they could be pinged. After scanning, I found that most of them were Microsoft hosts. Given this, there was no doubt that they were all "broilers" loaded with a specific program.
I stared at the computer screen and roughly estimated that the attack came from about 40,000 to 50,000 different IP addresses, and the log was also mixed with a lot of messages carrying fake source IP addresses. For a moment, I couldn't tell which IP addresses were real and which were fake, but the real addresses would number at least more than one hundred.
"Grandma, it's big, and it's quite a big deal!" I couldn't help but curse in my heart. It seemed that the other party was clearly not afraid of revealing the real identities of the controlled hosts (the attack sources). I therefore estimated that the number of hosts they controlled was much larger than the number used in this DDoS attack, so these guys did not care about losing thousands of broilers.
"Lao Wu, how about it? Is there a way? News of the continued attack on the Red Guest Alliance has spread on websites such as Hawks, Eighth Legion, and China. Now everyone is waiting to laugh at us!" Chen Yu, who had learned what was being said outside, eagerly typed a message.
"Have you called the upstream ISP? Ask them to set up route access control list filtering, and at present they can only do this!" I observed my colleagues around me, who were working hard and did not pay attention to me, a newcomer.
Chen Yu seized on this last hope and said expectantly: "I've called them, but they are afraid of affecting other users, so they told us to find a way ourselves. But we are under attack now and there is no time to set up a new firewall. Lao Wu, can you think of a way?"
Affect other users? Then who would guarantee the rights of the Red Guest Alliance? I snorted coldly and said firmly: "Give me the phone number, I'll try it!"
Generally speaking, in this case, the best way is to have the ISP find the points where the DDoS attack enters its network and cut it off there. Although the DDoS traffic comes from all directions, in most cases it converges, and the number of entry points into the upstream ISP network is still limited. However, with the attack under way and the ISP refusing to help, was I supposed to track it with the broken computer in front of me? I guessed I could do nothing except watch the battle.
"Okay, I'll notify my second brother and let him contact you!" Chen Yu deeply realized at this time what a wise decision it would be to bring partners with government background to join the team!
※ ※
When Kondo received an encrypted message from Shanghai, China, joy showed on his face, and he hurriedly knocked on the office door with the document in his hand.
"Captain Inoue, according to eavesdropping, at 3:13 Tokyo time, the core members of the China Red Guest Alliance have asked for help from the 'angel'. We can believe that the 'angel' is the mastermind of invading the cabinet website, and he has begun to track down the real attack source. If the attack continues, according to the 'angel' ability, he may find our IP address. Please give instructions!" Kondo stood up straight, lowered his head slightly, and asked respectfully.
Inoue pondered for a moment, then slowly said: "Order the assassination troops to set off for Shanghai immediately to be responsible for assisting Akiza Tamako in implementing the assassination plan!"
"Yes!" Kondo nodded and accepted the order in a unique way for the Japanese.
Seeing that Kondo was about to leave, Inoue added seriously: "Wait a minute, order the assassination troops to carry out their missions in a level A plan. According to the relationship between the 'angel' and the Chinese government, no handle is allowed. If anyone is captured, they will be killed without any refusal!"
"Yes, understand! Does Chief Inoue have any other instructions?" Kondo knew in his heart that the victim seemed to have died in an accident, and this was the A-level plan in Inoue's mouth.
Inoue pounded the table fiercely, his eyes flashing with anger, and said loudly: "The Red Guest Alliance was invaded, and the 'angel' will not let it go. Send some cybersecurity experts to watch for any movement at all times. As soon as you find suspicious elements tracking us, you don't need to show mercy. Aim to destroy the enemy's network equipment. I want the 'angel' who is about to meet the God of Death to know the consequences of opposing the Great Japanese Empire. Also, the Red Guest Alliance has now lost its value, so destroy their servers while you are at it. We cannot allow any organization or individual to slander the Great Japanese Empire!"
"Yes, I'll do it now. Please wait for the good news by Chief Inoue!"
Japan's network technology is the world's top, and Kondo is still very confident in dealing with a civil organization. He gently closed the office door and immediately recruited his subordinates to reassign tasks. A new round of cyber attacks kicked off.
But who could have known that it was this destructive cyber attack that left an indelible mark in the memories of the core members of the Red Guest Alliance, and that directly led to the Sino-Japanese hacker war after the Spring Festival in 2001...
※ ※
When your luck is bad, even a drink of cold water gets stuck in your teeth!
After finally getting through to the upstream ISP's network administrator, I thought that once I explained the current situation of Hongke Alliance to him, he would agree to set up route access control list filtering to relieve the pressure on Hongke Alliance's servers.
But who knew that the other party was lazy and worried that setting up route access control list filtering would make his own control and management work much harder. He insisted on bringing out a lot of reasons to put me off and bluff me, and he simply treated me as an amateur.
I was really angry, and had the Red Guest Alliance not needed its difficulties solved, I would have started arguing with him on the phone. In the end, I had no choice but to invoke the name of the Ministry of Public Security. Only under threats and warnings was he willing to do his job honestly.
I hung up the phone indignantly. I looked at the busy colleagues around me, wondering what I should do next.
Sitting and waiting for others to solve the problem is not my usual style. My laptop was in the car, but passing over a perfectly good desktop computer in the office to work on a laptop on purpose would be too eye-catching, so that was not feasible.
But for a while, where can I find an enterprise-level server?
I grabbed my hair, lowered my head, and with my eyes resting on the ordinary desktop machine, racked my brains for countermeasures. Suddenly, a bold idea jumped into my head, causing my heart to jump.
As we all know, in the past, the level of a hacker was usually judged by the number of computers he controlled.
Hackers who can control one or two computers anytime, anywhere belong to one level, hackers who control one hundred to one thousand hosts are another level, and hackers who control more than tens of thousands of hosts are another level again.
However, people at a higher level than these hackers control the entire network structure, including switches, routers, and especially the backbone switches of large enterprise networks. Controlling these devices is equivalent to controlling the entire enterprise network, which is much more powerful than controlling a single host.
The last level is someone who has the ability to control the large routers of the Internet backbone network. If he reaches this level, at least a part of the entire Internet is under his control.
Is there such a person?
If it were a matter of controlling an entire enterprise network, I would still dare to try it.
Controlling large routers? Besides lacking the conditions to test it, lack of self-confidence was also a key factor, so I believed that I was not knowledgeable enough and could not reach the highest level. For now I could only try to see whether I could control the entire computer network of VIDA Real Estate.
...
Building a solid, unattackable system is the common dream of every computer user, and it is also the dream and goal of operating system manufacturers like Microsoft.
From the day Microsoft Windows was born, this dream moved forward step by step, but with the arrival of the Internet frenzy, it seems to be gradually drifting away again...
Although the Windows 2000 used throughout Vader Real Estate has improved greatly compared with previous operating systems, it has inevitably suffered a large number of attacks, and these attacks are almost all based on system vulnerabilities inherent in Microsoft's operating system. There are currently many cases of intrusion through vulnerabilities. Not only Microsoft's operating systems, but also Unix, Linux, Solaris... are attacked because of vulnerabilities, and networks improve through the constant discovery of vulnerabilities.
Fortunately, the sky is endless and the feng shui changes!
I clearly remember that there was a survey report on the copywriting of the Central Committee for establishing the Network Supervision Section, which clearly stated that 90% of computer users usually did not patch system vulnerabilities. Therefore, as soon as a series of high-risk attack codes appears on the network, these users face a serious cybersecurity threat.
Going by the data from the investigation report, I quickly discovered that the colleagues around me really had forgotten to patch their systems. The exposed vulnerabilities made the systems very dangerous. They made it easy for me, a hacker with intent, to obtain the highest authority on the system and then do whatever I wanted.
Therefore, I acted right away. I immediately attacked using public code I had downloaded from the Internet. If the success rate for ordinary people could reach 80%, then after a slight technical improvement by a hacker of my level, the success rate reached 100%.
And while stealing permissions and analyzing things in depth, I found that the situation of the entire backbone network of Vader Real Estate was even more serious. In addition to program vulnerabilities, there were many details that left me rare opportunities, such as the skill level of the system administrators, the computer habits of the colleagues around me, network environment problems, and security product performance problems.
The ridiculously incompetent network administrator only knew how to install anti-virus software on the systems and regularly upgrade and patch it, and did no other maintenance.
He probably did not know that the crisis caused by vulnerabilities had become increasingly serious. The role of simple anti-virus products in ensuring network security is gradually decreasing. Many foreign anti-virus manufacturers have turned their focus to researching system vulnerabilities, but he had not taken precautions in time.
I seized on the network administrator's negligence. Many loopholes, such as those in the HTTP protocol and FTP protocol used by the WWW service, were exposed right before my eyes. This broken network structure could not keep out real hackers at all, let alone me.
Because of weaknesses in the network transmission protocols, the security of VIDA Real Estate's router was also deeply worrying. It allowed me to easily find the password archive, which is a sad state of affairs for the company. So after a simple cracking, I directly controlled VIDA Real Estate's router.
After unexpectedly solving the first step, I couldn't help but imagine that perhaps it was based on the weaknesses of the entire Vader Real Estate network structure that more and more viruses are spreading using various channels of the Internet. No wonder when a new virus appears, it can spread all over the world within hours.
However, I have no time to deal with these problems that the network inspection department needs to solve in the future. After gaining control of the network structure of VIDA Real Estate in a short time, I targeted the routers and switches of the entire new Shanghai International Building.
If the network manager of the entire backbone network of the New Shanghai International Building were competent, he would not be completely unaware of the problems arising at Vader Real Estate. So I questioned again whether the backbone network manager was a qualified security expert.
As a hacker, of course I would not miss any opportunity. Therefore, I made a bold decision to try to find out the vulnerabilities of the router and switch and further control the network structure of the entire building. Assuming that it can be successful, the bandwidth will definitely be increased and a lot of bargaining chips will be added to track down the real attack source!
A real man does what he says!
After I adjusted the computer screen so that it was hidden well enough, I challenged the previous network again.
According to past experience, routers and switches mainly forward network traffic, delivering it to the correct destination address. In order to achieve this, routers and switches must communicate routing information with each other, and the means of doing so is the routing protocol.
Whether it is an enterprise network or an ISP's Internet backbone network, all routers and switches must run these routing protocols. These routing protocols are the language of communication between Internet devices, and they are why any host on the Internet can connect to any other host.
So finding vulnerabilities on routers and switches is equivalent to finding vulnerabilities in these network protocols. To get there, I immediately investigated and then searched the Internet for recently announced vulnerabilities, because time did not allow me to discover vulnerabilities myself.
Sure enough, when I was about to use the announced vulnerability test, the avatars of Zhang Han, Chen Yu and Fei Da flashed in front of my eyes at the same time on Tencent chat.
"Lao Wu, the DDoS attack has stopped, but the server is being hacked, and there is more than one enemy, come and help!" I opened the dialog boxes, and the instant messages sent by the three of them were almost the same.
"I'll come soon, you can hold on!" I thought to myself, if the vulnerability cannot crack the building router and switch, I will remotely control the host of VIDA Real Estate to fight to kill the enemy.
The situation of the Red Guest Alliance has never been so precarious. Fei Da couldn't help but urge: "Okay, those hackers are very cunning. As long as they find that they are being tracked, they will be disconnected from the Internet and disappear immediately, but the number of people trying to invade the website has not decreased. This time the enemy is very powerful, try to be as fast as possible, I'm worried that the server will not be able to support it for long!"
"By the way, brother, you talked with me last time. Didn't you load the honeypot technology on the server? Since a hacker comes to attack, why not use it? This can solve a lot of trouble!" I seized the time, worked hard and asked Fei Da a question.
"Hey, if the honeypot technology were in place, of course we wouldn't have to worry so much. Unfortunately, it was only half finished. It was only loaded on some of the hardware, and there was no time to deploy it across the whole network, otherwise we would definitely be able to find the IP addresses of those guys!" Fei Da sighed and typed on the keyboard regretfully.
"Then forget it, I'll try to speed up the movement!"
After the answer, I devoted myself to cracking the building router and switch. Ten minutes later, I had to thank the goddess of luck for my favor, which allowed me to meet two irresponsible network administrators, and allowed me to simply control the network structure of the entire building and limit the bandwidth of all users. I immediately became involved in the battle with unknown hackers.
"Lao Wu, there are a few guys on port 80, and I'll leave them all to you!" Seeing that I returned to the team, Fei Da couldn't get out and had to make other arrangements.
"Okay, no problem!" The computing power of the VIDA Real Estate server is quite reasonable. If I fight with an ordinary hacker, I am not worried, so I answered happily and used the dynamic IP I just captured to track it.
※ ※
"Report to the chief, we found a strange IP coming to intercept him and request instructions!" The technician in charge of the task stood up and reported to Kondo who was walking by.
"Learn from the Shanghai branch, I want to know what the 'angel' is doing?" Kondo heard this and strode to the console and spoke to the correspondent.
"Yes, sir!"
...
After receiving the notice from her superiors, Xia Yu walked over to Zhong Liang with a sweet smile and asked, her eyes sparkling: "Brother Zhong, where is the copy room?"
Seeing that the beauty had taken the initiative to ask him for help, Zhong Liang stood up and replied enthusiastically: "I can't explain it clearly in a few words, so I'd better take you there!"
"Okay, sorry to trouble you!" With a grateful smile, Xia Yu followed Zhong Liang lightly and walked slowly past me.
To be continued...